Is quantum computing ready to disrupt cybersecurity?
(TechTarget) The full extent of how quantum computing affects cybersecurity isn’t yet known. There are, however, two areas in which quantum computing can threaten cybersecurity that experts are discussing today.
The biggest worry is that quantum computing can break current RSA cryptography. Quantum computing’s efficiency may enable it to solve certain algorithms — including RSA — faster.
“It’s part of operations of complexity,” Poller of TechTarget says. “Maintaining the key so nobody else can decrypt your data is based on the mathematical principles of prime numbers. To extract the key requires a complex math problem. If the key is large enough, it won’t happen in our lifetime. Say I give you a big enough key and the world’s largest [classic] computer. It would still take over a lifetime to decode, making it worthless to you. With quantum computing, you can take advantage of specific algorithms to shrink that time down because the order of the number of operations becomes less.”
Two such quantum algorithms that could crack RSA are Shor’s algorithm and Grover’s algorithm. These quantum algorithms won’t immediately break RSA, but will begin to break it down over time. Stored data using current encryption would be most at risk because it would be secured by older encryption that quantum could eventually break.
A second quantum computing cybersecurity issue is hackers using it to masquerade attacks, Poller said. These quantum computing attacks could have different behaviors and signatures that slip past current detection software.
“The first set of attacks will be hard to recognize,” Poller said. But similar future attacks will be quickly detected and stopped. “It’s always a cat-and-mouse game between attackers and defenders,” he added.
Quantum computing isn’t all doom and gloom for cybersecurity. Some industry experts are optimistic about quantum computing and have identified two areas where cybersecurity could get a boost: privacy and stronger encryption methods.
In terms of privacy, privacy-enhancing computing (PEC) techniques keep data encrypted while in use and provide in-transit and at-rest protections. With PEC, competitors could potentially work together while keeping all data confidential. Data privacy is a hot-button topic. PEC could help solve privacy issues in use cases such as medical record protection and internal analysis.
Related to PEC is the second benefit of strong encryption methods, namely homomorphic encryption, which Horvath called the most interesting aspect. Homomorphic encryption enables third parties to process encrypted data and provide results without ever having knowledge of either.
Homomorphic encryption can use lattices, or multidimensional algebraic constructs, which quantum computing can’t solve easily. Experts believe lattice-based cryptography could be the best replacement option for current algorithms.
While the technology isn’t quite there for true quantum computing, it’s fast approaching. Companies don’t need to immediately leap to action, but now is the perfect time to learn how quantum will affect businesses.
To get started, take inventory of cryptography currently in use.
For now, companies can start to lengthen current encryption keys. For example, companies using 256-bit should go up to 512-bit keys, thus increasing the time it would take to break encryption. File size restrictions will cause issues eventually, but it’s a good stopgap until new cryptography algorithms are ready.